summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
-rw-r--r--pkg/sentry/control/BUILD1
-rw-r--r--pkg/sentry/control/lifecycle.go36
-rw-r--r--runsc/boot/controller.go33
-rw-r--r--runsc/sandbox/sandbox.go4
4 files changed, 46 insertions, 28 deletions
diff --git a/pkg/sentry/control/BUILD b/pkg/sentry/control/BUILD
index deaf5fa23..9fb8a054d 100644
--- a/pkg/sentry/control/BUILD
+++ b/pkg/sentry/control/BUILD
@@ -6,6 +6,7 @@ go_library(
name = "control",
srcs = [
"control.go",
+ "lifecycle.go",
"logging.go",
"pprof.go",
"proc.go",
diff --git a/pkg/sentry/control/lifecycle.go b/pkg/sentry/control/lifecycle.go
new file mode 100644
index 000000000..67abf497d
--- /dev/null
+++ b/pkg/sentry/control/lifecycle.go
@@ -0,0 +1,36 @@
+// Copyright 2021 The gVisor Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package control
+
+import (
+ "gvisor.dev/gvisor/pkg/sentry/kernel"
+)
+
+// Lifecycle provides functions related to starting and stopping tasks.
+type Lifecycle struct {
+ Kernel *kernel.Kernel
+}
+
+// Pause pauses all tasks, blocking until they are stopped.
+func (l *Lifecycle) Pause(_, _ *struct{}) error {
+ l.Kernel.Pause()
+ return nil
+}
+
+// Resume resumes all tasks.
+func (l *Lifecycle) Resume(_, _ *struct{}) error {
+ l.Kernel.Unpause()
+ return nil
+}
diff --git a/runsc/boot/controller.go b/runsc/boot/controller.go
index e5b0ec3ae..548797788 100644
--- a/runsc/boot/controller.go
+++ b/runsc/boot/controller.go
@@ -57,20 +57,12 @@ const (
// ContMgrExecuteAsync executes a command in a container.
ContMgrExecuteAsync = "containerManager.ExecuteAsync"
- // ContMgrPause pauses the sandbox (note that individual containers cannot be
- // paused).
- ContMgrPause = "containerManager.Pause"
-
// ContMgrProcesses lists processes running in a container.
ContMgrProcesses = "containerManager.Processes"
// ContMgrRestore restores a container from a statefile.
ContMgrRestore = "containerManager.Restore"
- // ContMgrResume unpauses the paused sandbox (note that individual containers
- // cannot be resumed).
- ContMgrResume = "containerManager.Resume"
-
// ContMgrSignal sends a signal to a container.
ContMgrSignal = "containerManager.Signal"
@@ -111,6 +103,12 @@ const (
LoggingChange = "Logging.Change"
)
+// Lifecycle related commands (see lifecycle.go for more details).
+const (
+ LifecyclePause = "Lifecycle.Pause"
+ LifecycleResume = "Lifecycle.Resume"
+)
+
// ControlSocketAddr generates an abstract unix socket name for the given ID.
func ControlSocketAddr(id string) string {
return fmt.Sprintf("\x00runsc-sandbox.%s", id)
@@ -152,6 +150,7 @@ func newController(fd int, l *Loader) (*controller, error) {
ctrl.srv.Register(&debug{})
ctrl.srv.Register(&control.Logging{})
+ ctrl.srv.Register(&control.Lifecycle{l.k})
if l.root.conf.ProfileEnable {
ctrl.srv.Register(control.NewProfile(l.k))
@@ -340,17 +339,6 @@ func (cm *containerManager) Checkpoint(o *control.SaveOpts, _ *struct{}) error {
return state.Save(o, nil)
}
-// Pause suspends a sandbox.
-func (cm *containerManager) Pause(_, _ *struct{}) error {
- log.Debugf("containerManager.Pause")
- // TODO(gvisor.dev/issues/6243): save/restore not supported w/ hostinet
- if cm.l.root.conf.Network == config.NetworkHost {
- return errors.New("pause not supported when using hostinet")
- }
- cm.l.k.Pause()
- return nil
-}
-
// RestoreOpts contains options related to restoring a container's file system.
type RestoreOpts struct {
// FilePayload contains the state file to be restored, followed by the
@@ -482,13 +470,6 @@ func (cm *containerManager) Restore(o *RestoreOpts, _ *struct{}) error {
return nil
}
-// Resume unpauses a sandbox.
-func (cm *containerManager) Resume(_, _ *struct{}) error {
- log.Debugf("containerManager.Resume")
- cm.l.k.Unpause()
- return nil
-}
-
// Wait waits for the init process in the given container.
func (cm *containerManager) Wait(cid *string, waitStatus *uint32) error {
log.Debugf("containerManager.Wait, cid: %s", *cid)
diff --git a/runsc/sandbox/sandbox.go b/runsc/sandbox/sandbox.go
index 5fb7dc834..822da8c5e 100644
--- a/runsc/sandbox/sandbox.go
+++ b/runsc/sandbox/sandbox.go
@@ -981,7 +981,7 @@ func (s *Sandbox) Pause(cid string) error {
}
defer conn.Close()
- if err := conn.Call(boot.ContMgrPause, nil, nil); err != nil {
+ if err := conn.Call(boot.LifecyclePause, nil, nil); err != nil {
return fmt.Errorf("pausing container %q: %v", cid, err)
}
return nil
@@ -996,7 +996,7 @@ func (s *Sandbox) Resume(cid string) error {
}
defer conn.Close()
- if err := conn.Call(boot.ContMgrResume, nil, nil); err != nil {
+ if err := conn.Call(boot.LifecycleResume, nil, nil); err != nil {
return fmt.Errorf("resuming container %q: %v", cid, err)
}
return nil